Security
Headlines
HeadlinesLatestCVEs

Tag

#mac

CVE-2024-43550: Windows Secure Channel Spoofing Vulnerability

**According to the CVSS metric, the attack complexity is high (AC:H). What does that mean for this vulnerability?** The attacker must inject themselves into the logical network path between the target and the resource requested by the victim to read or modify network communications. This is called a machine-in-the-middle (MITM) attack.

Microsoft Security Response Center
Open in Source
#vulnerability#mac#windows#Windows Secure Channel#Security Vulnerability
CISO Paychecks: Worth the Growing Security Headaches?

CISOs' cash compensation tops $400,000 now, but with the high pay comes struggles, rapidly changing responsibilities, and tight budgets.

Large scale Google Ads campaign targets utility software

Malicious Google sponsored results disguised as software downloads lead to malware.

Malicious Chrome Extensions Skate Past Google's Updated Security

Google's Manifest V3 offers better privacy and security controls for browser extensions than the previous M2, but too many lax permissions and gaps remain.

GHSA-5gpr-w2p5-6m37: PhpSpreadsheet allows absolute path traversal and Server-Side Request Forgery when opening XLSX file

### Summary It's possible for an attacker to construct an XLSX file which links media from external URLs. When opening the XLSX file, PhpSpreadsheet retrieves the image size and type by reading the file contents, if the provided path is a URL. By using specially crafted `php://filter` URLs an attacker can leak the contents of any file or URL. Note that this vulnerability is different from [GHSA-w9xv-qf98-ccq4](https://github.com/PHPOffice/PhpSpreadsheet/security/advisories/GHSA-w9xv-qf98-ccq4), and resides in a different component. ### Details When an XLSX file is opened, the XLSX reader calls `setPath()` with the path provided in the `xl/drawings/_rels/drawing1.xml.rels` file in the XLSX archive: ```php if (isset($images[$embedImageKey])) { // ...omit irrelevant code... } else { $linkImageKey = (string) self::getArrayItem( $blip->attributes('http://schemas.openxmlformats.org/officeDocument/2006/relationships'), 'link' ); if (isset($images[$linkImag...

Stealthy Malware Has Infected Thousands of Linux Systems for Years

Perfctl malware is hard to detect, persists after reboots, and can perform a breadth of malicious activities.

Insider Threat Damage Balloons as Visibility Gaps Widen

A growing number of organizations are taking longer to get back on their feet after an attack, and they're paying high price tags to do so — up to $2M or more.

How This Video Game Controller Became the US Military’s Weapon of Choice

After decades of relying on buttons, switches, and toggles, the Pentagon has embraced simple, ergonomic video-game-style controllers already familiar to millions of potential recruits.

GHSA-xwgj-vpm9-q2rq: Vulnerable juju introspection abstract UNIX domain socket

### Impact An abstract UNIX domain socket responsible for introspection is available without authentication locally to any user with access to the network namespace where the local juju agent is running. On a juju controller agent, denial of service can be performed by using the `/leases/revoke` endpoint. Revoking leases in juju can cause availability issues. On a juju machine agent that is hosting units, disabling the unit component can be performed using the `/units` endpoint with a "stop" action. ### Patches Patch: https://github.com/juju/juju/commit/43f0fc59790d220a457d4d305f484f62be556d3b Patched in: - 3.5.4 - 3.4.6 - 3.3.7 - 3.1.10 - 2.9.51 ### Workarounds No workaround. ### References https://github.com/juju/juju/blob/725800953aaa29dbeda4f806097bf838e61644dd/worker/introspection/worker.go#L125